redlock.io Open in urlscan Pro
2606:4700:3034::681f:5957 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Submission: On June 10 via api (June 10th 2020, 1:32:59 am UTC) from US

Summary HTTP 109 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 21 domains to perform 109 HTTP transactions. The main IP is 2606:4700:3034::681f:5957, located in United States and belongs to CLOUDFLARENET, US. The main domain is redlock.io.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 12th 2020. Valid for: 8 months.

This is the only time redlock.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
60	2606:4700:303... 2606:4700:3034::681f:5957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.198.108 13.224.198.108	16509 (AMAZON-02) (AMAZON-02)
2	13.224.198.92 13.224.198.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
6	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.89.77 143.204.89.77	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f05... 2a03:2880:f058:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.89.103 143.204.89.103	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f15... 2a03:2880:f158:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	54.171.23.184 54.171.23.184	16509 (AMAZON-02) (AMAZON-02)
1	108.128.221.150 108.128.221.150	16509 (AMAZON-02) (AMAZON-02)
109	24

60 2606:4700:3034::681f:5957 (United States)

ASN13335 (CLOUDFLARENET, US)

redlock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:299::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.198.108 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-108.fra2.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.198.92 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-92.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-77.fra50.r.cloudfront.net

munchkin.brightfunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f058:f:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-103.fra50.r.cloudfront.net

api.brightfunnel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f158:82:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.40 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.23.184 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-23-184.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.221.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-221-150.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	redlock.io redlock.io	1 MB
6	gstatic.com fonts.gstatic.com	65 KB
6	googleusercontent.com lh4.googleusercontent.com lh3.googleusercontent.com lh5.googleusercontent.com lh6.googleusercontent.com	1 MB
5	adroll.com 1 redirects s.adroll.com d.adroll.com	14 KB
5	googleapis.com fonts.googleapis.com	4 KB
4	facebook.com www.facebook.com	360 B
3	facebook.net connect.facebook.net	193 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	brightfunnel.com munchkin.brightfunnel.com api.brightfunnel.com	7 KB
2	google.de www.google.de	214 B
2	google.com 1 redirects www.google.com	313 B
2	driftt.com js.driftt.com	45 KB
2	terminus.services vidassets.terminus.services
2	hubspot.com no-cache.hubspot.com	92 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	17 KB
2	adobedtm.com assets.adobedtm.com	23 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	136 B
1	googleadservices.com www.googleadservices.com	11 KB
1	jquery.com code.jquery.com	122 KB
1	googletagmanager.com www.googletagmanager.com	26 KB
109	21

	Domain	Requested by
60	redlock.io	redlock.io
6	fonts.gstatic.com	redlock.io
5	fonts.googleapis.com	redlock.io
4	s.adroll.com	1 redirects redlock.io s.adroll.com
4	www.facebook.com	redlock.io connect.facebook.net
3	connect.facebook.net	redlock.io connect.facebook.net
3	lh4.googleusercontent.com	redlock.io
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	www.google.de	redlock.io
2	www.google.com	1 redirects redlock.io
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	js.driftt.com	assets.adobedtm.com js.driftt.com
2	vidassets.terminus.services	redlock.io
2	no-cache.hubspot.com	redlock.io
2	maxcdn.bootstrapcdn.com	redlock.io
2	assets.adobedtm.com	redlock.io assets.adobedtm.com
1	d.adroll.com
1	d.adroll.mgr.consensu.org	1 redirects
1	stats.g.doubleclick.net	redlock.io
1	api.brightfunnel.com	munchkin.brightfunnel.com
1	www.googleadservices.com	www.googletagmanager.com
1	munchkin.brightfunnel.com	redlock.io
1	code.jquery.com	redlock.io
1	www.googletagmanager.com	redlock.io
1	lh6.googleusercontent.com	redlock.io
1	lh5.googleusercontent.com	redlock.io
1	lh3.googleusercontent.com	redlock.io
109	27

This site contains links to these domains. Also see Links.

Domain
www.paloaltonetworks.com
app.redlock.io
www.daemonology.net
info.redlock.io
169.254.169.254
cloud.google.com
cta-redirect.hubspot.com
twitter.com
www.linkedin.com
www.facebook.com
blog.redlock.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-12` - `2020-10-09`	8 months	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-14` - `2020-10-13`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2020-05-15` - `2020-10-09`	5 months	crt.sh
*.terminus.services Amazon	`2020-01-13` - `2021-02-13`	a year	crt.sh
drift.com Amazon	`2019-10-03` - `2020-11-03`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.brightfunnel.com Amazon	`2020-04-13` - `2021-05-13`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.adroll.com DigiCert SHA2 Secure Server CA	`2020-01-29` - `2021-04-29`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2019-11-06` - `2020-12-06`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Frame ID: 132973B5B00523B2E49B50DF67CBDE9F
Requests: 106 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: B2873BBD71580ACAD5E92F49CEEE876E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 18BF54380EE1AFBDE69303B4EAE783E8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AE4907CFF43D86B53D9CA47805A2D590
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

109
Requests

100 %
HTTPS

68 %
IPv6

21
Domains

27
Subdomains

24
IPs

6
Countries

2733 kB
Transfer

5010 kB
Size

11
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.paloaltonetworks.com/redlock
Title: READ MORE

Search URL Search Domain Scan URL

URL: https://app.redlock.io/
Title: Login

Search URL Search Domain Scan URL

URL: http://www.daemonology.net/blog/2016-10-09-EC2s-most-dangerous-feature.html
Title: researcher had reported

Search URL Search Domain Scan URL

URL: https://info.redlock.io/cloud-security-trends-may2018
Title: RedLock CSI Trends Report - May 2018 edition

Search URL Search Domain Scan URL

URL: http://169.254.169.254/
Title: http://169.254.169.254/

Search URL Search Domain Scan URL

URL: https://cloud.google.com/kubernetes-engine/docs/how-to/metadata-concealment
Title: metadata concealment

Search URL Search Domain Scan URL

URL: https://cta-redirect.hubspot.com/cta/redirect/2254955/8dc1e6c5-9908-46ee-b666-e9ebbe85381f

Search URL Search Domain Scan URL

URL: https://cta-redirect.hubspot.com/cta/redirect/2254955/4d351c67-90e0-479f-a2bc-d1da9521e17a

Search URL Search Domain Scan URL

URL: https://twitter.com/Redlockio

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/7587134/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/redlockio

Search URL Search Domain Scan URL

URL: https://blog.redlock.io/
Title: Blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855482527/?guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/855482527/?guid=ON&script=0&is_vtc=1&random=2566441910 HTTP 302
https://www.google.de/pagead/1p-user-list/855482527/?guid=ON&script=0&is_vtc=1&random=2566441910&ipr=y&ezwbk=AZuM4hAon1ll3g1hf5WWWlq8lgDEdWovnWueVB7JaZNs1oBgdFh78Tsa8dxi6vJk6ztiJ_V-q1UrSgSFmH-ZzSUquhX0

Request Chain 93

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2120170069&t=pageview&_s=1&dl=https%3A%2F%2Fredlock.io%2Fblog%2Finstance-metadata-api-a-modern-day-trojan-horse&ul=en-us&de=UTF-8&dt=Instance%20Metadata%20API%3A%20A%20Modern%20Day%20Trojan%20Horse&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=509376923&gjid=2001962286&cid=1927627854.1591752744&tid=UA-83198078-1&_gid=666319391.1591752744&_r=1&gtm=2wg5r0MRMBVDP&z=1410876757 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83198078-1&cid=1927627854.1591752744&jid=509376923&_gid=666319391.1591752744&gjid=2001962286&_v=j82&z=1410876757

Request Chain 103

https://s.adroll.com/j/exp/UCJSLX6BO5CABL3QIU2FZV/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 105

https://d.adroll.mgr.consensu.org/consent/iabcheck/UCJSLX6BO5CABL3QIU2FZV?_s=15566cd249c7c47113fc0fd581a10896&_b=2 HTTP 302
https://d.adroll.com/consent/check/UCJSLX6BO5CABL3QIU2FZV/?_s=15566cd249c7c47113fc0fd581a10896&_b=2

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request instance-metadata-api-a-modern-day-trojan-horse Show response
redlock.io/blog/ 105 KB
30 KB 575ms
538ms Document
text/html 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: 15a10e1fdd6d998f091d29aee484e9bec8079dd38c10c5ad0735c4208aadd84a

Request headers

:method: GET
:authority: redlock.io
:scheme: https
:path: /blog/instance-metadata-api-a-modern-day-trojan-horse
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 10 Jun 2020 01:32:22 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df9ae9230d687ab956a3fb1a62c2ff5c31591752741; expires=Fri, 10-Jul-20 01:32:21 GMT; path=/; domain=.redlock.io; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-pingback: https://redlock.io/xmlrpc.php
link: <https://redlock.io/wp-json/>; rel="https://api.w.org/" <https://redlock.io/?p=3642>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
cf-request-id: 033d746bd6000017669f22c200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a0f568c8de31766-FRA
content-encoding: br

GET
H2 200 satelliteLib-85e66e82be1ac73eb81ae8b3ed59190ea2813357.js Show response
assets.adobedtm.com/90b129d72f4716e69353423cbd3d35a4caed23e2/ 70 KB
22 KB 62ms
9ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/90b129d72f4716e69353423cbd3d35a4caed23e2/satelliteLib-85e66e82be1ac73eb81ae8b3ed59190ea2813357.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9e2f8fcffeb228a927d3bcce579a14732eb7b42a43e0d893929ce74e314ee015

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: gzip
last-modified: Tue, 06 Nov 2018 22:19:32 GMT
server: AkamaiNetStorage
etag: "29e455eb2b3c52b807c7c06ddb3d9df5:1541542772"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 22175
expires: Wed, 10 Jun 2020 02:32:22 GMT

GET
H2 200 style.min.css
redlock.io/wp-includes/css/dist/block-library/ 25 KB
4 KB 20ms
11ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Jan 2019 19:38:57 GMT
server: cloudflare
age: 1148136
status: 200
etag: W/"5c2fb651-629a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff92e1766-FRA
cf-request-id: 033d746dfe000017669f23b200000001

GET
H2 200 advanced-floating-content-public.css
redlock.io/wp-content/plugins/advanced-floating-content-2/public/css/ 0
127 B 37ms
29ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/advanced-floating-content-2/public/css/advanced-floating-content-public.css?ver=1.0.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
cf-cache-status: HIT
age: 493739
cf-polished: origSize=98
status: 200
content-length: 0
cf-request-id: 033d746dfe000017669f23c200000001
last-modified: Sun, 25 Feb 2018 20:14:38 GMT
server: cloudflare
etag: "5a93192e-62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f568ff92f1766-FRA
cf-bgj: minify

GET
H2 200 animate.css
redlock.io/wp-content/plugins/advanced-floating-content-2/public/css/ 17 KB
3 KB 20ms
12ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/advanced-floating-content-2/public/css/animate.css?ver=1.0.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4966cb23ef6dfde265440bd81a088c92d6b0a47a5be6e096e005dc8ab4efc671

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1089001
cf-polished: origSize=23848
status: 200
cf-request-id: 033d746dfe000017669f23d200000001
last-modified: Sun, 25 Feb 2018 20:14:38 GMT
server: cloudflare
etag: W/"5a93192e-5d28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9301766-FRA
cf-bgj: minify

GET
H2 200 styles.css
redlock.io/wp-content/plugins/contact-form-7/includes/css/ 1 KB
625 B 22ms
14ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.9.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efa234ba8fea30f028f728b42ba027da0baff915759c21129893c18e74de9a43

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 306733
cf-polished: origSize=1606
status: 200
cf-request-id: 033d746dfe000017669f23e200000001
last-modified: Thu, 07 Dec 2017 00:05:54 GMT
server: cloudflare
etag: W/"5a2885e2-646"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9311766-FRA
cf-bgj: minify

GET
H2 200 csbwfs.css
redlock.io/wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/ 4 KB
1 KB 18ms
10ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/csbwfs.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d97717da312832a82535b2a159f3047c810cc531160c1825778a522b0e90d0bc

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426028
cf-polished: origSize=6223
status: 200
cf-request-id: 033d746dfe000017669f23f200000001
last-modified: Wed, 15 Aug 2018 21:37:28 GMT
server: cloudflare
etag: W/"5b749d18-184f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9321766-FRA
cf-bgj: minify

GET
H2 200 frontend.css
redlock.io/wp-content/plugins/my-syntax-highlighter/inc/css/ 301 B
272 B 20ms
12ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/my-syntax-highlighter/inc/css/frontend.css?ver=2.33
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442048bb029ae037356e956aa00da2dd88c25de1e1ea4922e4d5abc8cf766406

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1428346
cf-polished: origSize=671
status: 200
cf-request-id: 033d746dff000017669f240200000001
last-modified: Mon, 26 Nov 2018 17:43:55 GMT
server: cloudflare
etag: W/"5bfc30db-29f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9341766-FRA
cf-bgj: minify

GET
H2 200 slidingmessages.min.css
redlock.io/wp-content/plugins/slidingmessages/assets/css/ 11 KB
2 KB 20ms
13ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/slidingmessages/assets/css/slidingmessages.min.css?ver=3.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2a45d797b5274f5370f1e11258fed3d9326c88956b4f312f6432c600e64b86b

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Apr 2018 22:44:11 GMT
server: cloudflare
age: 1376363
status: 200
etag: W/"5ad678bb-2a8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9361766-FRA
cf-request-id: 033d746dff000017669f241200000001

GET
H2 200 font-awesome.min.css
redlock.io/wp-content/plugins/slidingmessages/assets/css/ 30 KB
7 KB 23ms
16ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/slidingmessages/assets/css/font-awesome.min.css?ver=3.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Apr 2018 22:44:11 GMT
server: cloudflare
age: 1148137
status: 200
etag: W/"5ad678bb-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9371766-FRA
cf-request-id: 033d746dff000017669f242200000001

GET
H2 200 wprmenu.css
redlock.io/wp-content/plugins/wp-responsive-menu/css/ 6 KB
1 KB 20ms
12ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/wp-responsive-menu/css/wprmenu.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e91ea289ee2b14e4cfbb4c0cc66aeeb467019e536caf42af05be419be0654e1

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1428346
cf-polished: origSize=7158
status: 200
cf-request-id: 033d746dff000017669f243200000001
last-modified: Wed, 15 Aug 2018 21:37:31 GMT
server: cloudflare
etag: W/"5b749d1b-1bf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9381766-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 7 KB
843 B 25ms
18ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600&ver=5.1.1

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 00:24:38 GMT
server: ESF
date: Wed, 10 Jun 2020 01:32:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jun 2020 01:32:22 GMT

GET
H2 200 frontend-render.css
redlock.io/wp-content/plugins/cta/shared/shortcodes/css/ 61 KB
10 KB 34ms
27ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/cta/shared/shortcodes/css/frontend-render.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b69890fb2918df2454518ad016962ed1fb45885ef1e35058fad81a30faac9586

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426027
cf-polished: origSize=77363
status: 200
cf-request-id: 033d746dff000017669f244200000001
last-modified: Mon, 26 Nov 2018 17:43:54 GMT
server: cloudflare
etag: W/"5bfc30da-12e33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff93a1766-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 7 KB
730 B 27ms
20ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b921c893d56c50550e3d9ff71011c403d3303bdc5f48a5f08882ba36afea08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 00:19:37 GMT
server: ESF
date: Wed, 10 Jun 2020 01:32:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jun 2020 01:32:22 GMT

GET
H2 200 style.css
redlock.io/wp-content/themes/redlock/ 55 KB
10 KB 23ms
17ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/style.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210fb15b86efa3c12373290e819f5b108d0652670650719edc7890789e8059b3

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1148137
cf-polished: origSize=81698
status: 200
cf-request-id: 033d746dff000017669f245200000001
last-modified: Wed, 15 Aug 2018 21:37:31 GMT
server: cloudflare
etag: W/"5b749d1b-13f22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff93b1766-FRA
cf-bgj: minify

GET
H2 200 masterslider.main.css
redlock.io/wp-content/plugins/masterslider/public/assets/css/ 66 KB
8 KB 35ms
28ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.6
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da69bf26f1c8d59fbd1874c86dc8c2264413b3fb08b7204449a374531bc1340

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426027
cf-polished: origSize=81249
status: 200
cf-request-id: 033d746dff000017669f246200000001
last-modified: Wed, 15 Aug 2018 21:37:29 GMT
server: cloudflare
etag: W/"5b749d19-13d61"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff93c1766-FRA
cf-bgj: minify

GET
H2 200 custom.css
redlock.io/wp-content/uploads/masterslider/ 12 KB
1 KB 36ms
29ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/uploads/masterslider/custom.css?ver=11.4
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d6b4ff642f3cad95bc0969e3888449b6b347d151ea91a24a390987875c6162

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 493739
cf-polished: origSize=13941
status: 200
cf-request-id: 033d746dff000017669f247200000001
last-modified: Fri, 22 Mar 2019 14:30:03 GMT
server: cloudflare
etag: W/"5c94f16b-3675"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff93e1766-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
redlock.io/wp-includes/js/jquery/ 95 KB
32 KB 37ms
31ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 493739
cf-polished: origSize=97183
status: 200
cf-request-id: 033d746dff000017669f24a200000001
last-modified: Wed, 23 May 2018 10:05:31 GMT
server: cloudflare
etag: W/"5b053ceb-17b9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9411766-FRA
cf-bgj: minify

GET
H2 200 jquery-migrate.min.js Show response
redlock.io/wp-includes/js/jquery/ 10 KB
4 KB 20ms
14ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: cloudflare
age: 1379302
status: 200
etag: W/"573eaa90-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9421766-FRA
cf-request-id: 033d746dff000017669f24b200000001

GET
H2 200 advanced-floating-content-public.js Show response
redlock.io/wp-content/plugins/advanced-floating-content-2/public/js/ 37 B
156 B 36ms
31ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/advanced-floating-content-2/public/js/advanced-floating-content-public.js?ver=1.0.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e8df27eefed0250a8e2785a341a5d35d838d8136f4ffde3168c57e9137aa2b

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 191083
cf-polished: origSize=815
status: 200
cf-request-id: 033d746dff000017669f24c200000001
last-modified: Sun, 25 Feb 2018 20:14:38 GMT
server: cloudflare
etag: W/"5a93192e-32f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9431766-FRA
cf-bgj: minify

GET
H2 200 jquery.cookie.min.js Show response
redlock.io/wp-content/plugins/advanced-floating-content-2/public/js/ 1 KB
756 B 20ms
14ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/advanced-floating-content-2/public/js/jquery.cookie.min.js?ver=1.0.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2018 20:14:38 GMT
server: cloudflare
age: 1379302
status: 200
etag: W/"5a93192e-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9441766-FRA
cf-request-id: 033d746dff000017669f24d200000001

GET
H2 200 force-refresh.built.min.js Show response
redlock.io/wp-content/plugins/force-refresh/library/dist/js/ 2 KB
834 B 31ms
26ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/force-refresh/library/dist/js/force-refresh.built.min.js?ver=1534369048
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c817c829e442100551f3674c6fb37cd80968fb800c13a4f39036ea2ac27b553

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Aug 2018 21:37:28 GMT
server: cloudflare
age: 1379302
status: 200
etag: W/"5b749d18-77b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9451766-FRA
cf-request-id: 033d746dff000017669f24e200000001

GET
H2 200 slidingmessages.min.js Show response
redlock.io/wp-content/plugins/slidingmessages/assets/js/ 8 KB
2 KB 20ms
15ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/slidingmessages/assets/js/slidingmessages.min.js?ver=3.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7460940d8db56c6b90cbe0e3ca071a53a78bcd54316d67a06b0bd77ff3bf9f05

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Apr 2018 22:44:11 GMT
server: cloudflare
age: 1379301
status: 200
etag: W/"5ad678bb-2169"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9461766-FRA
cf-request-id: 033d746dff000017669f24f200000001

GET
H2 200 jquery.transit.min.js Show response
redlock.io/wp-content/plugins/wp-responsive-menu/js/ 8 KB
3 KB 35ms
30ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/wp-responsive-menu/js/jquery.transit.min.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d447eb81dc16840763055c0189191c32f22f8a4062a1d896e0d8375681126a88

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Aug 2018 21:37:31 GMT
server: cloudflare
age: 1379301
status: 200
etag: W/"5b749d1b-2190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9471766-FRA
cf-request-id: 033d746dff000017669f250200000001

GET
H2 200 jquery.sidr.js Show response
redlock.io/wp-content/plugins/wp-responsive-menu/js/ 5 KB
2 KB 20ms
15ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/wp-responsive-menu/js/jquery.sidr.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddfac8d3f564750c023e8127a8f970776977a6a8bc31ec773ae3a6ca9b6ed121

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426027
cf-polished: origSize=9878
status: 200
cf-request-id: 033d746dff000017669f251200000001
last-modified: Wed, 15 Aug 2018 21:37:31 GMT
server: cloudflare
etag: W/"5b749d1b-2696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9481766-FRA
cf-bgj: minify

GET
H2 200 wprmenu.js Show response
redlock.io/wp-content/plugins/wp-responsive-menu/js/ 4 KB
1 KB 42ms
37ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/wp-responsive-menu/js/wprmenu.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df888b9df9e006acae5359c2c62c81967576b266b37b9571924e813c6bdb13b3

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1428346
cf-polished: origSize=6202
status: 200
cf-request-id: 033d746e03000017669f252200000001
last-modified: Wed, 15 Aug 2018 21:37:31 GMT
server: cloudflare
etag: W/"5b749d1b-183a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5690094a1766-FRA
cf-bgj: minify

GET
H2 200 cta-variation.js Show response
redlock.io/wp-content/plugins/cta/assets/js/ 3 KB
1 KB 34ms
30ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/cta/assets/js/cta-variation.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c2c405c0aa33e4f0ecd886454bb2bacd71d8deccbe21f3ca2de06c90a9d954

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1480848
cf-polished: origSize=5678
status: 200
cf-request-id: 033d746e03000017669f253200000001
last-modified: Mon, 26 Nov 2018 17:43:47 GMT
server: cloudflare
etag: W/"5bfc30d3-162e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5690094b1766-FRA
cf-bgj: minify

GET
H2 200 inboundAnalytics.min.js Show response
redlock.io/wp-content/plugins/cta/shared/assets/js/frontend/analytics/ 40 KB
12 KB 35ms
31ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/cta/shared/assets/js/frontend/analytics/inboundAnalytics.min.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f3d351cf3a789321798c32b98a6344f213fab3204cb9c2891916c07f9b8a233

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Nov 2018 17:43:52 GMT
server: cloudflare
age: 1428346
status: 200
etag: W/"5bfc30d8-9ff7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5690094c1766-FRA
cf-request-id: 033d746e03000017669f254200000001

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 25ms
21ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700,900

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97f84e24c7c059750f0382953cd8aed268e67221bc4cd73f5160a847a431a383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 01:32:22 GMT
server: ESF
date: Wed, 10 Jun 2020 01:32:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jun 2020 01:32:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
834 B 25ms
21ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,700,900

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d82847f6e5b3042692ef1fc7ae342d0db67d37ec05efe9e23eabbfec5fd5ae01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 01:32:22 GMT
server: ESF
date: Wed, 10 Jun 2020 01:32:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jun 2020 01:32:22 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 97ms
94ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
status: 200
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 bootstrap.css
redlock.io/wp-content/themes/redlock/assets/css/ 143 KB
20 KB 615ms
612ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/css/bootstrap.css
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57585baf58ace44ae78a246dafbadd8aa8dfd4ddb7dbdf95f2d59a6c18ef5e22

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Nov 2018 17:43:56 GMT
server: cloudflare
status: 200
etag: W/"5bfc30dc-23b31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff93f1766-FRA
cf-request-id: 033d746dff000017669f248200000001

GET
H2 200 style.css
redlock.io/wp-content/themes/redlock/assets/css/ 73 KB
14 KB 30ms
26ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/css/style.css
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce9d64db6579fd4789c6eeb48aabd5a11284d6c07cb44567498e8daf1a7fe2a

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 578430
cf-polished: origSize=86889
status: 200
cf-request-id: 033d746dff000017669f249200000001
last-modified: Mon, 26 Nov 2018 17:43:56 GMT
server: cloudflare
etag: W/"5bfc30dc-15369"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f568ff9401766-FRA
cf-bgj: minify

GET
H2 200 pan-redlock-logo-white-250.png
redlock.io/wp-content/uploads/2018/11/ 7 KB
7 KB 29ms
15ms Image
image/png 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/11/pan-redlock-logo-white-250.png
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8396c10620531a0d32f3a5fac26b5e537e43ed07084566f354cfb7dd70e4532

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 139118
status: 200
content-length: 6987
cf-request-id: 033d74708f000017669f277200000001
last-modified: Mon, 26 Nov 2018 17:44:32 GMT
server: cloudflare
etag: "5bfc3100-1b4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941de51766-FRA

GET
H2 200 hero_menu_styles.css
redlock.io/wp-content/plugins/hmenu//_frontend_files/_menu_1/_css/ 39 KB
4 KB 19ms
18ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/hmenu//_frontend_files/_menu_1/_css/hero_menu_styles.css
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec333ed71ea0697b7b36c7aac0230744222101d8f8164a3578aa8359ce03f9a

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1480848
cf-polished: origSize=60989
status: 200
cf-request-id: 033d746e8f000017669f258200000001
last-modified: Mon, 26 Nov 2018 17:43:55 GMT
server: cloudflare
etag: W/"5bfc30db-ee3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5690ea3d1766-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 5 KB
739 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Open+Sans

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63d794e1c5840908bdd96cdf59fd829ad404f62945b3e4b880152e323c46b026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 01:32:22 GMT
server: ESF
date: Wed, 10 Jun 2020 01:32:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jun 2020 01:32:22 GMT

GET
H2 200 InstanceMetadata-API.jpg
redlock.io/wp-content/uploads/2018/05/ 410 KB
410 KB 93ms
79ms Image
image/jpeg 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/05/InstanceMetadata-API.jpg
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 129025943b9ed3314aec779d15655a445c8affbfe815e7cb04bee24758421307

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 132062
status: 200
content-length: 419740
cf-request-id: 033d74708f000017669f278200000001
last-modified: Wed, 15 Aug 2018 21:37:32 GMT
server: cloudflare
etag: "5b749d1c-6679c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941de61766-FRA

GET
H2 200 J9WhW9Pk1SNycNpJhryMSjFn_oyv3ZKjUiG9AiCsMdjrJ9z0plNFSxRI8IZmfQOrwzbbJn_BRIaVR5DzMs4DE3gyThwnoMmut3jpo4Vy9mHkaRXaJJOI7rVwDozni-C5e8Z73Mts
lh4.googleusercontent.com/ 507 KB
508 KB 872ms
858ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/J9WhW9Pk1SNycNpJhryMSjFn_oyv3ZKjUiG9AiCsMdjrJ9z0plNFSxRI8IZmfQOrwzbbJn_BRIaVR5DzMs4DE3gyThwnoMmut3jpo4Vy9mHkaRXaJJOI7rVwDozni-C5e8Z73Mts

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

77e9a2e0d753dde5f899f65771fb02611e59ad9881b64d5e2083ba6626bd5dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="image5.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519426
x-xss-protection: 0
server: fife
etag: "v2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Jun 2020 01:32:23 GMT

GET
H2 200 -jQVzScYpYss3HtHnqZiokd1lKocOjRsQMwygHktgc1bfvylyg3eUqv-YcCub9pbf-M8370SUB-KkXGUIfJoEq_JvrqNfnkLAnTGbHdmoCu-3bIRh__2hdhXdCPC6nxrGtLKopiZ
lh3.googleusercontent.com/ 22 KB
23 KB 561ms
467ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-jQVzScYpYss3HtHnqZiokd1lKocOjRsQMwygHktgc1bfvylyg3eUqv-YcCub9pbf-M8370SUB-KkXGUIfJoEq_JvrqNfnkLAnTGbHdmoCu-3bIRh__2hdhXdCPC6nxrGtLKopiZ

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

53a5e571d3a50df66c905bb1190d368231e4d90626318d3171c6dd5d7cc861f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="image1.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23029
x-xss-protection: 0
server: fife
etag: "v2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Jun 2020 01:32:23 GMT

GET
H2 200 LIdYPlR48K0U5dkrNlDVbll1Mjn3wgmTRICRZoC7kpyS1b7TGPCNbUHWDrBoeMH2uS_jGCevZrFy6neG53EuJu6kc87TpIanthunCWo6udjvVb1HvCju1yu9v-MZBL0HYPWPdCXX
lh5.googleusercontent.com/ 245 KB
245 KB 531ms
438ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/LIdYPlR48K0U5dkrNlDVbll1Mjn3wgmTRICRZoC7kpyS1b7TGPCNbUHWDrBoeMH2uS_jGCevZrFy6neG53EuJu6kc87TpIanthunCWo6udjvVb1HvCju1yu9v-MZBL0HYPWPdCXX

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

263900ff55e7e74d80aaef83287734b2afa168ca706637bb81b1e294c1dac9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="image3.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250459
x-xss-protection: 0
server: fife
etag: "v2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Jun 2020 01:32:23 GMT

GET
H2 200 xTB0Cb-gU7OwZ-gd6NK64xK2vuXmD-TYiXFvCWdkIW10XvfptdpKXNThNyqnOV93AH1cVQAmjRheAsfQYDaDvRC5T2x0tCC7ixOfDI7l-hO9xkaPw6o4zzoPecIGFdKf2B4WKUz2
lh6.googleusercontent.com/ 61 KB
62 KB 589ms
576ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/xTB0Cb-gU7OwZ-gd6NK64xK2vuXmD-TYiXFvCWdkIW10XvfptdpKXNThNyqnOV93AH1cVQAmjRheAsfQYDaDvRC5T2x0tCC7ixOfDI7l-hO9xkaPw6o4zzoPecIGFdKf2B4WKUz2

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56f1f2dcf117094462c923c3ba6c36fdabcb742e24ed513ab50ccad8e751132c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="Docker_onbuild2.1.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62885
x-xss-protection: 0
server: fife
etag: "v2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Jun 2020 01:32:23 GMT

GET
H2 200 9Shyvb2VdhZxZQI9hg0ACoZFctZzGuYaZviysk9lDSYvHXmLhTdGnQmMue5dVOYgXDGEorOYxudP5tdfTMpmc5BvhS7i4uSN-WueXQKARkpmP-ErkDptV0UF_cTSrIhb5TGqNhqm
lh4.googleusercontent.com/ 110 KB
110 KB 545ms
533ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/9Shyvb2VdhZxZQI9hg0ACoZFctZzGuYaZviysk9lDSYvHXmLhTdGnQmMue5dVOYgXDGEorOYxudP5tdfTMpmc5BvhS7i4uSN-WueXQKARkpmP-ErkDptV0UF_cTSrIhb5TGqNhqm

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b1e6b0f2177e2f37b5b2c3d6a7e7430b8403ed85ed13ee6cba792e8123fc2d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="image4.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112677
x-xss-protection: 0
server: fife
etag: "v2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Jun 2020 01:32:23 GMT

GET
H2 200 UbL4xwDcVWtyJvvCHLiAc3q7twDcUkYiVB6PKn4mL1EXGjG7WTQ7VdQy-BkjfWzfdiqa9ePA1nLs_2S4yVsvh-7fH3ESPy2qRrPd17h8mgPXiHcLpJnozqBJhLB3IO3S9u5LvYQQ
lh4.googleusercontent.com/ 98 KB
98 KB 532ms
520ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/UbL4xwDcVWtyJvvCHLiAc3q7twDcUkYiVB6PKn4mL1EXGjG7WTQ7VdQy-BkjfWzfdiqa9ePA1nLs_2S4yVsvh-7fH3ESPy2qRrPd17h8mgPXiHcLpJnozqBJhLB3IO3S9u5LvYQQ

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f79754267a956211b4b46b3c3a20e73726865a8c1d012bb531fede7c7c31e3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
status: 200
content-disposition: inline;filename="image2.png"
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100008
x-xss-protection: 0
server: fife
etag: "v2"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 11 Jun 2020 01:32:23 GMT

GET
H2 200 8dc1e6c5-9908-46ee-b666-e9ebbe85381f.png
no-cache.hubspot.com/cta/default/2254955/ 89 KB
90 KB 669ms
577ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/2254955/8dc1e6c5-9908-46ee-b666-e9ebbe85381f.png

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

179ad8e63d76fa4b81b608c9f4a8b17d156b3ba119fb24675ee7fc613501c719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 7B1C04BFDA5104A0
status: 200
content-length: 91612
x-amz-id-2: ARL8TIkJxGFOO3hYTA/P7oNZi3SdEBpNdzZF5CBe93xE1YfTCKtH7QIee7b19VnzILME1CcxXv4=
last-modified: Tue, 15 May 2018 00:44:11 GMT
server: cloudflare
etag: "f8146608fd53d5b32c8da20566376fc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 033d7470d50000c2956e9ea200000001
accept-ranges: bytes
cf-ray: 5a0f569489c8c295-FRA

GET
H2 200 4d351c67-90e0-479f-a2bc-d1da9521e17a.png
no-cache.hubspot.com/cta/default/2254955/ 2 KB
3 KB 245ms
152ms Image
image/png 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/2254955/4d351c67-90e0-479f-a2bc-d1da9521e17a.png

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe0ef57561c9647e339773cb689c294bdbabbcf53b26d3da97504a1a363bf9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 00ECF3815E05E64D
status: 200
content-length: 2081
x-amz-id-2: TbnRqViyuIlFqkA0MhcymjNdMbfuumkO6Zpq5e1t5PG9OR4IVC/A5mwfrVEA4UgPfCEOtqB15u8=
last-modified: Mon, 14 May 2018 22:22:24 GMT
server: cloudflare
etag: "1148797f52d169a15f364e17ebf811cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
cache-control: no-cache, no-store
cf-request-id: 033d7470d50000c2956e9eb200000001
accept-ranges: bytes
cf-ray: 5a0f569489c9c295-FRA

GET
H2 200 RedTalk-ep1-PrivilegeEscalation.jpg
redlock.io/wp-content/uploads/2018/05/ 28 KB
28 KB 65ms
53ms Image
image/jpeg 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/05/RedTalk-ep1-PrivilegeEscalation.jpg
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfbf578b449d1ed6a226933ee80c75198a9c52d736227cf0a64e6e8b058841e3

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 191081
status: 200
content-length: 28436
cf-request-id: 033d74708f000017669f279200000001
last-modified: Wed, 15 Aug 2018 21:37:32 GMT
server: cloudflare
etag: "5b749d1c-6f14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941de71766-FRA

GET
H2 200 6EZBjf_JyRKnJ6MlAm9xK6I1P1mynSMSrvXSDg367sP1ITWrC89TlyW_DxhW-Fq128XpJT15IDbNG1FBv8O2Ao2iQI9TVCJZc9ISJwmiGXS32_ggVubE6l3iNrjp5pETRwfy84Ax.jpg
redlock.io/wp-content/uploads/2018/07/ 184 KB
184 KB 73ms
62ms Image
image/jpeg 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/07/6EZBjf_JyRKnJ6MlAm9xK6I1P1mynSMSrvXSDg367sP1ITWrC89TlyW_DxhW-Fq128XpJT15IDbNG1FBv8O2Ao2iQI9TVCJZc9ISJwmiGXS32_ggVubE6l3iNrjp5pETRwfy84Ax.jpg
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cfa8c40a8b2d43c645389c548e525a22d4dde24f647e05e1cc4ccc55b5c71d2

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 214023
status: 200
content-length: 188556
cf-request-id: 033d74708f000017669f27a200000001
last-modified: Mon, 26 Nov 2018 17:44:24 GMT
server: cloudflare
etag: "5bfc30f8-2e08c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941de81766-FRA

GET
H2 200 TeslaBlog.jpeg
redlock.io/wp-content/uploads/2018/07/ 53 KB
54 KB 69ms
58ms Image
image/jpeg 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/07/TeslaBlog.jpeg
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907e7a3f7167cb5e37eec13664f321339555423d3e66a2335070e8c474a69127

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 132062
status: 200
content-length: 54730
cf-request-id: 033d74708f000017669f27b200000001
last-modified: Mon, 26 Nov 2018 17:44:26 GMT
server: cloudflare
etag: "5bfc30fa-d5ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941de91766-FRA

GET
H2 404 t.js
vidassets.terminus.services/1b68db2b-f52c-4d91-acd5-226dc2d8e7d8/ 0
0 81ms
24ms Script
application/json 13.224.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vidassets.terminus.services/1b68db2b-f52c-4d91-acd5-226dc2d8e7d8/t.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.198.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-108.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 redtalk-ep9-3rdparty.png
redlock.io/wp-content/uploads/2018/10/ 50 KB
50 KB 36ms
25ms Image
image/png 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/10/redtalk-ep9-3rdparty.png
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30c84c7fac5ac9843a718f955e6a08d163cda1e3b801c0bf0cca958ba9582eea

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 139114
status: 200
content-length: 51358
cf-request-id: 033d74708f000017669f27c200000001
last-modified: Mon, 26 Nov 2018 17:44:32 GMT
server: cloudflare
etag: "5bfc3100-c89e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941dea1766-FRA

GET
H2 200 satellite-5be1c00164746d7783002cf9.js Show response
assets.adobedtm.com/90b129d72f4716e69353423cbd3d35a4caed23e2/scripts/ 1 KB
849 B 11ms
9ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/90b129d72f4716e69353423cbd3d35a4caed23e2/scripts/satellite-5be1c00164746d7783002cf9.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/90b129d72f4716e69353423cbd3d35a4caed23e2/satelliteLib-85e66e82be1ac73eb81ae8b3ed59190ea2813357.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 968d35d07c4e313cfe62a804ecdb3ccb12117fc6504cb6b0332c9fb928bca3dc

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: gzip
last-modified: Tue, 06 Nov 2018 22:19:32 GMT
server: AkamaiNetStorage
etag: "7b5b4843129dca0ff937058c1b2daccd:1541542772"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 610
expires: Wed, 10 Jun 2020 02:32:22 GMT

GET
H2 200 4tkv88zdpmnh.js Show response
js.driftt.com/include/1591752900000/ 137 KB
45 KB 224ms
146ms Script
application/javascript 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1591752900000/4tkv88zdpmnh.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/90b129d72f4716e69353423cbd3d35a4caed23e2/scripts/satellite-5be1c00164746d7783002cf9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.198.92 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 04 Jun 2020 16:05:51 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: O4yWTnRDyzK-HBSTaYdF6ML8a6359UEte4fAB29fEQZ2bodtZGkYAw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 69 KB
26 KB 37ms
34ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRMBVDP

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

433a811aa93bf4bbcb5cd81196b8f14f6a7d02260f5fc18681b9b77f9ce804ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26899
x-xss-protection: 0
last-modified: Wed, 10 Jun 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jun 2020 01:32:23 GMT

GET
H2 200 wp-emoji-release.min.js Show response
redlock.io/wp-includes/js/ 12 KB
4 KB 80ms
70ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Jan 2019 01:42:50 GMT
server: cloudflare
age: 1379302
status: 200
etag: W/"5c412f1a-2f02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56941deb1766-FRA
cf-request-id: 033d747091000017669f27d200000001

GET
H2 200 footer-twitter.png
redlock.io/wp-content/uploads/2018/07/ 651 B
757 B 87ms
77ms Image
image/png 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/07/footer-twitter.png
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be738c6f3a9d02af2b420273fff5b5469007813acd7033cb757dc6759bc591d

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 139117
status: 200
content-length: 651
cf-request-id: 033d747091000017669f27e200000001
last-modified: Mon, 26 Nov 2018 17:44:26 GMT
server: cloudflare
etag: "5bfc30fa-28b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941dec1766-FRA

GET
H2 200 footer-linkedin.png
redlock.io/wp-content/uploads/2018/07/ 712 B
852 B 35ms
25ms Image
image/png 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/07/footer-linkedin.png
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 717e1aa8cb34c2fca34fd9d7f1a7d2c5d2d768c2592f0f9ce2e762efa262a86f

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 241913
status: 200
content-length: 712
cf-request-id: 033d747091000017669f27f200000001
last-modified: Mon, 26 Nov 2018 17:44:26 GMT
server: cloudflare
etag: "5bfc30fa-2c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941ded1766-FRA

GET
H2 200 footer-facebook.png
redlock.io/wp-content/uploads/2018/07/ 637 B
763 B 67ms
57ms Image
image/png 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2018/07/footer-facebook.png
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd1a82d0591f5898763018826300fcd4f4dc9923b3cbc60bab38d981ce0090d3

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 139118
status: 200
content-length: 637
cf-request-id: 033d747091000017669f280200000001
last-modified: Mon, 26 Nov 2018 17:44:26 GMT
server: cloudflare
etag: "5bfc30fa-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941dee1766-FRA

GET
H2 200 bootstrap-theme.min.css
redlock.io/wp-content/themes/redlock/assets/css/ 19 KB
2 KB 11ms
11ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/css/bootstrap-theme.min.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 436fc6eed2d849bbe4dcbc0f69d992c62fc2f075a1e501ff853f8705f70dbb60

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2017 17:00:36 GMT
server: cloudflare
age: 1379301
status: 200
etag: W/"59037534-4c1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5691cb621766-FRA
cf-request-id: 033d746f1b000017669f25d200000001

GET
H2 200 frontend_styles.css
redlock.io/wp-content/plugins/hmenu/assets/css/ 507 B
358 B 14ms
13ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/hmenu/assets/css/frontend_styles.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c4022c0bf5b3aba0471b68e3700bd43676ee5b0d8a11d6b5530a1ff9dcf6084

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1428346
cf-polished: origSize=719
status: 200
cf-request-id: 033d746f27000017669f25e200000001
last-modified: Wed, 14 Mar 2018 01:14:02 GMT
server: cloudflare
etag: W/"5aa8775a-2cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5691db791766-FRA
cf-bgj: minify

GET
H2 200 hero_static_fonts.css
redlock.io/wp-content/plugins/hmenu/_static_fonts/ 158 KB
39 KB 14ms
14ms Stylesheet
text/css 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/hmenu/_static_fonts/hero_static_fonts.css?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e94fc0a41df809f83d3c3b2aeb8cb723b12231308be24ec32a2e399b8dd36c

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426027
cf-polished: origSize=175542
status: 200
cf-request-id: 033d746f36000017669f25f200000001
last-modified: Wed, 14 Mar 2018 01:14:02 GMT
server: cloudflare
etag: W/"5aa8775a-2adb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5691fb931766-FRA
cf-bgj: minify

GET
H2 200 spin.min.js Show response
redlock.io/wp-content/plugins/cta/shared//shortcodes/js/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/cta/shared//shortcodes/js/spin.min.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b36a48c0269521621f450f477afa94365e1736aaaf33290760fea0fce341a6

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 26 Nov 2018 17:43:54 GMT
server: cloudflare
age: 1428346
status: 200
etag: W/"5bfc30da-10b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56920bab1766-FRA
cf-request-id: 033d746f48000017669f260200000001

GET
H2 200 scripts.js Show response
redlock.io/wp-content/plugins/contact-form-7/includes/js/ 10 KB
3 KB 13ms
13ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.9.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 833eed666bac1362949bc30b581f0f112091a312dd56d5599f6be6135df7e49b

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 493739
cf-polished: origSize=13908
status: 200
cf-request-id: 033d746f54000017669f261200000001
last-modified: Thu, 07 Dec 2017 00:05:54 GMT
server: cloudflare
etag: W/"5a2885e2-3654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56922bbd1766-FRA
cf-bgj: minify

GET
H2 200 skip-link-focus-fix.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 426 B
330 B 15ms
15ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/skip-link-focus-fix.js?ver=1.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 493739
cf-polished: origSize=683
status: 200
cf-request-id: 033d746f63000017669f263200000001
last-modified: Fri, 28 Apr 2017 17:00:36 GMT
server: cloudflare
etag: W/"59037534-2ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56923bd21766-FRA
cf-bgj: minify

GET
H2 200 navigation.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 3 KB
894 B 12ms
10ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/navigation.js?ver=1.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54829f4236bde2066942badf3b63b1df4d4fc9f018dece2ea89ba90bf64dda6c

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1089002
cf-polished: origSize=3754
status: 200
cf-request-id: 033d746f78000017669f264200000001
last-modified: Fri, 28 Apr 2017 17:00:36 GMT
server: cloudflare
etag: W/"59037534-eaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56925c021766-FRA
cf-bgj: minify

GET
H2 200 global.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 5 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/global.js?ver=1.0
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e82ba9517671bde40da3d3e3f1ea0b572526247ec3f28f66e7c79f03bbf010bf

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426027
cf-polished: origSize=7682
status: 200
cf-request-id: 033d746f85000017669f265200000001
last-modified: Fri, 28 Apr 2017 17:00:36 GMT
server: cloudflare
etag: W/"59037534-1e02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56926c241766-FRA
cf-bgj: minify

GET
H2 200 wp-embed.min.js Show response
redlock.io/wp-includes/js/ 1 KB
849 B 18ms
17ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-includes/js/wp-embed.min.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Aug 2018 12:40:26 GMT
server: cloudflare
age: 1379301
status: 200
etag: W/"5b87e5ba-57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56929c501766-FRA
cf-request-id: 033d746f9a000017669f266200000001

GET
H2 200 jquery-1.9.1.min.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 90 KB
31 KB 16ms
15ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/jquery-1.9.1.min.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2017 17:00:36 GMT
server: cloudflare
age: 1089002
status: 200
etag: W/"59037534-169d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5692bc6e1766-FRA
cf-request-id: 033d746fae000017669f269200000001

GET
H2 200 jquery.scrollTo.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 3 KB
2 KB 15ms
14ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/jquery.scrollTo.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b00c6721410090fbe6246b33140fc7023a003729ab06420f43edab593c6254f

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426027
cf-polished: origSize=5836
status: 200
cf-request-id: 033d746fc5000017669f26b200000001
last-modified: Fri, 28 Apr 2017 17:00:36 GMT
server: cloudflare
etag: W/"59037534-16cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5692dc891766-FRA
cf-bgj: minify

GET
H2 200 custom.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 2 KB
813 B 15ms
12ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/custom.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c85404e595e885749f871bd8476c8a410275e4612998f625f3e43bade62f1f

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 1426027
cf-polished: origSize=5583
status: 200
cf-request-id: 033d746fdc000017669f26d200000001
last-modified: Mon, 26 Nov 2018 17:43:58 GMT
server: cloudflare
etag: W/"5bfc30de-15cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5692fcb31766-FRA
cf-bgj: minify

GET
H2 200 frontend_script.js Show response
redlock.io/wp-content/plugins/hmenu//assets/js/ 9 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/hmenu//assets/js/frontend_script.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea196471aaf01f69a0ba290a7c7fd76ede9364f790fa725080510645e204fdfa

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:22 GMT
content-encoding: br
cf-cache-status: HIT
age: 493739
cf-polished: origSize=12497
status: 200
cf-request-id: 033d746fe9000017669f26e200000001
last-modified: Wed, 14 Mar 2018 01:14:02 GMT
server: cloudflare
etag: W/"5aa8775a-30d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56930cd51766-FRA
cf-bgj: minify

GET
H2 200 frontend_dimensions.js Show response
redlock.io/wp-content/plugins/hmenu//assets/js/ 830 B
304 B 24ms
23ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/hmenu//assets/js/frontend_dimensions.js?ver=5.1.1
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b6428a8080c4f81577a04328c9a855a1cc693cf7445ed495954f0f739f4d969

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 1141725
cf-polished: origSize=972
status: 200
cf-request-id: 033d74706a000017669f272200000001
last-modified: Wed, 14 Mar 2018 01:14:02 GMT
server: cloudflare
etag: W/"5aa8775a-3cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5693ddae1766-FRA
cf-bgj: minify

GET
H2

200

/
www.google.de/pagead/1p-user-list/855482527/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855482527/?guid=ON&script=0
https://www.google.com/pagead/1p-user-list/855482527/?guid=ON&script=0&is_vtc=1&random=2566441910
https://www.google.de/pagead/1p-user-list/855482527/?guid=ON&script=0&is_vtc=1&random=2566441910&ipr=y&ezwbk=AZuM4hAon1ll3g1hf5WWWlq8lgDEdWovnWueVB7JaZNs1oBgdFh78Tsa8dxi6vJk6ztiJ_V-q1UrSgSFmH-ZzSUq...

42 B
107 B

24ms
22ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/855482527/?guid=ON&script=0&is_vtc=1&random=2566441910&ipr=y&ezwbk=AZuM4hAon1ll3g1hf5WWWlq8lgDEdWovnWueVB7JaZNs1oBgdFh78Tsa8dxi6vJk6ztiJ_V-q1UrSgSFmH-ZzSUquhX0

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jun 2020 01:32:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/855482527/?guid=ON&script=0&is_vtc=1&random=2566441910&ipr=y&ezwbk=AZuM4hAon1ll3g1hf5WWWlq8lgDEdWovnWueVB7JaZNs1oBgdFh78Tsa8dxi6vJk6ztiJ_V-q1UrSgSFmH-ZzSUquhX0
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RedLockLogo.png
redlock.io/wp-content/uploads/2017/05/ 3 KB
3 KB 481ms
472ms Image
image/png 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/uploads/2017/05/RedLockLogo.png
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc6dd9d5f729b0d3b299337496f4eea20afef813663775adc2ef1c92b427dbdb

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: MISS
last-modified: Mon, 26 Nov 2018 17:44:09 GMT
server: cloudflare
status: 200
etag: "5bfc30e9-a09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f56941df01766-FRA
content-length: 2569
cf-request-id: 033d747091000017669f281200000001

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 29ms
13ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:33:51 GMT
status: 200
etag: "1544639631"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9832

GET
H2 200 bootstrap.youtubepopup.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 4 KB
2 KB 29ms
14ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/bootstrap.youtubepopup.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09b74e5ec9c1c542b0457d16b0c315e9963ef5462f1b975c9048d20620bc6c47

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 578431
cf-polished: origSize=5879
status: 200
cf-request-id: 033d74708f000017669f274200000001
last-modified: Mon, 08 May 2017 22:21:50 GMT
server: cloudflare
etag: W/"5910ef7e-16f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56941ddf1766-FRA
cf-bgj: minify

GET
H/1.1 200
OK jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 122ms
26ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 10 Jun 2020 01:32:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2016 16:34:16 GMT
Server: nginx
ETag: W/"57d97c08-7f20a"
Vary: Accept-Encoding
X-HW: 1591752743.dop128.fr8.t,1591752743.cds138.fr8.shn,1591752743.cds138.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 124434

GET
H2 200 slick.min.js Show response
redlock.io/wp-content/themes/redlock/assets/slick/ 41 KB
10 KB 74ms
60ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/slick/slick.min.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Aug 2017 07:36:29 GMT
server: cloudflare
age: 1156724
status: 200
etag: W/"598d5e7d-a3e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56941de21766-FRA
cf-request-id: 033d74708f000017669f275200000001

GET
H2 200 isInViewport.min.js Show response
redlock.io/wp-content/themes/redlock/assets/js/ 2 KB
1 KB 30ms
16ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/themes/redlock/assets/js/isInViewport.min.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c9e4a8e5518916b730e9fd83efe48ef42ced31b3f721bb94f966e8896af966

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2017 17:00:36 GMT
server: cloudflare
age: 498497
status: 200
etag: W/"59037534-8f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f56941de41766-FRA
cf-request-id: 033d74708f000017669f276200000001

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 62ms
0ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700,900
Origin: https://redlock.io

Response headers

date: Tue, 09 Jun 2020 00:43:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 89309
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:43:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 21ms
5ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700,900
Origin: https://redlock.io

Response headers

date: Tue, 26 May 2020 05:53:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1280319
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Wed, 26 May 2021 05:53:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 12ms
5ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700,900
Origin: https://redlock.io

Response headers

date: Sun, 17 May 2020 05:19:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2059968
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Mon, 17 May 2021 05:19:35 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 12ms
5ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700,900
Origin: https://redlock.io

Response headers

date: Fri, 05 Jun 2020 14:07:59 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 386664
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Sat, 05 Jun 2021 14:07:59 GMT

GET
H2 404 t.js
vidassets.terminus.services/1b68db2b-f52c-4d91-acd5-226dc2d8e7d8/ 0
0 22ms
22ms Script
application/json 13.224.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vidassets.terminus.services/1b68db2b-f52c-4d91-acd5-226dc2d8e7d8/t.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.198.108 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-108.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK bf-munchkin.min.js Show response
munchkin.brightfunnel.com/js/build/ 20 KB
7 KB 119ms
24ms Script
application/javascript 143.204.89.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.brightfunnel.com/js/build/bf-munchkin.min.js?tstamp=1591752743588
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-77.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e71e9eb057dbce45fc842c86a300d5410f757f7e0aa9084cb849631528e031f0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 06 Jun 2018 17:39:04 GMT
Server: AmazonS3
Age: 146
Date: Wed, 10 Jun 2020 01:29:57 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
Cache-Control: max-age=300
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: USmOVoTu8GRX6sHfDTxrdpejufbvKxvQ8Av2jSlJ4AsAHHmHc1KD1g==

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:100,300,400,400i,500,700,900
Origin: https://redlock.io

Response headers

date: Sun, 17 May 2020 05:16:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 2060177
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Mon, 17 May 2021 05:16:06 GMT

GET
H2 200 minify-social.png
redlock.io/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/ 27 KB
27 KB 15ms
15ms Image
image/png 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redlock.io/wp-content/plugins/custom-share-buttons-with-floating-sidebar/images/minify-social.png
Requested by: Host: redlock.io
URL: https://redlock.io/wp-includes/js/jquery/jquery.js?ver=1.12.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c5363a662e4c8b5c62ae5d637e83c4fc657d12094470093507f9070c9fbdfb3

Request headers

Referer: https://redlock.io/wp-content/plugins/custom-share-buttons-with-floating-sidebar/css/csbwfs.css?ver=5.1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
cf-cache-status: HIT
age: 241909
status: 200
content-length: 27827
cf-request-id: 033d7472f2000017669f2fe200000001
last-modified: Wed, 15 Aug 2018 21:37:28 GMT
server: cloudflare
etag: "5b749d18-6cb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5a0f5697e9b01766-FRA

GET
H2 200 admin-ajax.php Show response
redlock.io/wp-admin/ 158 B
634 B 559ms
559ms XHR
text/html 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redlock.io/wp-admin/admin-ajax.php?action=force_refresh_get_site_version

Requested by

Host: redlock.io
URL: https://redlock.io/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

64c681daf67b888a4c50da03cc2445c41f16b4eaee17e7e4f75d64680cd0f259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-cacheable: NO:Passed
x-pass-why: wp-admin
x-powered-by: WP Engine
x-cache: MISS
status: 200
cf-request-id: 033d7473f5000017669f30b200000001
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/html; charset=UTF-8
x-orig-cache-control: no-store, no-cache, must-revalidate
cache-control: max-age=0, must-revalidate, private
cf-ray: 5a0f56998ae31766-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: redlock.io
URL: https://redlock.io/wp-includes/js/jquery/jquery.js?ver=1.12.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C600&ver=5.1.1
Origin: https://redlock.io

Response headers

date: Tue, 09 Jun 2020 22:05:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 12391
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 09 Jun 2021 22:05:52 GMT

GET
H2 200 hero_script.js Show response
redlock.io/wp-content/plugins/hmenu/_frontend_files/_js_files/ 12 KB
3 KB 12ms
12ms Script
application/javascript 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://redlock.io/wp-content/plugins/hmenu/_frontend_files/_js_files/hero_script.js
Requested by: Host: redlock.io
URL: https://redlock.io/wp-content/plugins/hmenu//assets/js/frontend_script.js?ver=5.1.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f725ea829b5f7ceb958f150947eba59435dd092672a13adbb024682014e9e9e7

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 1480847
cf-polished: origSize=19606
status: 200
cf-request-id: 033d74740a000017669f30c200000001
last-modified: Mon, 26 Nov 2018 17:43:55 GMT
server: cloudflare
etag: W/"5bfc30db-4c96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5a0f5699ab021766-FRA
cf-bgj: minify

POST
H2 200 admin-ajax.php Show response
redlock.io/wp-admin/ 16 B
217 B 602ms
602ms XHR
text/html 2606:4700:3034::681f:5957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://redlock.io/wp-admin/admin-ajax.php

Requested by

Host: redlock.io
URL: https://redlock.io/wp-content/themes/redlock/assets/js/jquery-1.9.1.min.js?ver=5.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681f:5957 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

72047497cfabe2a3502b9a53a9bf4e7ea9b4ca4ff8d3d950ee589a19b47d0d70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 10 Jun 2020 01:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-powered-by: WP Engine
status: 200
cf-request-id: 033d74740c000017669f30d200000001
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://redlock.io
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a0f5699ab041766-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRMBVDP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3166
date: Wed, 10 Jun 2020 00:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 10 Jun 2020 02:39:38 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 35ms
33ms Script
text/javascript 172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRMBVDP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10884
x-xss-protection: 0
server: cafe
etag: 10406653800972162523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 10 Jun 2020 01:32:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f058:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 22450
x-xss-protection: 0
pragma: public
x-fb-debug: xxLlzAaGdIbDPf/ws3hBUjP6PzyZ4lkn/vViOsg7LEmU3r7Pbn0jklawLQJZzTxo6sD9anizeEmi7qujJudlDw==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Wed, 10 Jun 2020 01:32:24 GMT, Wed, 10 Jun 2020 01:32:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK sd Show response
api.brightfunnel.com/v1/ 4 B
523 B 705ms
619ms XHR
application/json 143.204.89.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.brightfunnel.com/v1/sd
Requested by: Host: munchkin.brightfunnel.com
URL: https://munchkin.brightfunnel.com/js/build/bf-munchkin.min.js?tstamp=1591752743588
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.89.103 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-103.fra50.r.cloudfront.net
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept: application/json
Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 10 Jun 2020 01:32:24 GMT
Via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
x-amzn-RequestId: 590a8d27-8814-4112-a343-d9ec29545393
X-Cache: Miss from cloudfront
Content-Type: application/json
Access-Control-Allow-Origin: *
X-Amzn-Trace-Id: Root=1-5ee03828-91c408d2c754eda561e62528;Sampled=0
Connection: keep-alive
x-amz-apigw-id: N422UHvvIAMFjfA=
Content-Length: 4
X-Amz-Cf-Id: 5vKOTQpXVEYYdyO1lGArFCDPrDHcUMlNeGHLLjF738E4PPXFDCztXA==

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2120170069&t=pageview&_s=1&dl=https%3A%2F%2Fredlock.io%2Fblog%2Finstance-metadata-api-a-modern-day-trojan-horse&ul=en-us&de=UTF-8&dt=Instance...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83198078-1&cid=1927627854.1591752744&jid=509376923&_gid=666319391.1591752744&gjid=2001962286&_v=j82&z=1410876757

35 B
99 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83198078-1&cid=1927627854.1591752744&jid=509376923&_gid=666319391.1591752744&gjid=2001962286&_v=j82&z=1410876757

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 10 Jun 2020 01:32:24 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jun 2020 01:32:24 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-83198078-1&cid=1927627854.1591752744&jid=509376923&_gid=666319391.1591752744&gjid=2001962286&_v=j82&z=1410876757
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-855482527/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-855482527/?random=1591752744108&cv=9&fst=1591752744108&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fredlock.io%2Fblog%2Finstance-metadata-api-a-modern-day-trojan-horse&tiba=Instance%20Metadata%20API%3A%20A%20Modern%20Day%20Trojan%20Horse&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50d147956af748a09545a0b147be588898c6d58f9bcab587421c1709cbac0620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 01:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1043
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 271235770295133 Show response
connect.facebook.net/signals/config/ 355 KB
86 KB 96ms
95ms Script
application/x-javascript 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/271235770295133?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f058:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

429e65c9b8c4f0c7a19f434a82889ee35620dfee31770a05e68dbf507b767603

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: KOuJoek+wR+nIW5wLSK2FIBdIVMsrfTGMvTrA1eEIjCUzlMgk8XXiYFba7P2sRFr2Q8q4nRHk8+aYtaDq/s8wQ==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Wed, 10 Jun 2020 01:32:24 GMT, Wed, 10 Jun 2020 01:32:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-855482527/ 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-855482527/?random=1591752744108&cv=9&fst=1591750800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&frm=0&url=https%3A%2F%2Fredlock.io%2Fblog%2Finstance-metadata-api-a-modern-day-trojan-horse&tiba=Instance%20Metadata%20API%3A%20A%20Modern%20Day%20Trojan%20Horse&async=1&fmt=3&is_vtc=1&random=544706718&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 01:32:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-855482527/ 42 B
107 B 21ms
20ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-855482527/?random=1591752744108&cv=9&fst=1591750800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5r0&sendb=1&frm=0&url=https%3A%2F%2Fredlock.io%2Fblog%2Finstance-metadata-api-a-modern-day-trojan-horse&tiba=Instance%20Metadata%20API%3A%20A%20Modern%20Day%20Trojan%20Horse&async=1&fmt=3&is_vtc=1&random=544706718&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jun 2020 01:32:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 439102006578016 Show response
connect.facebook.net/signals/config/ 355 KB
86 KB 87ms
87ms Script
application/x-javascript 2a03:2880:f058:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/439102006578016?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f058:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

734bd95b9ae1e5e9150789595540af2ee0591c05680fdffab363c31a69662f92

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: r5Zz23EcKNyWORVhOesR4aT1GGTaW6cAOvqQLv61QhjBkGmgijA7BZhEjXRJgvVcIitRVjgwI3PGgbr5H+ebEw==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Wed, 10 Jun 2020 01:32:24 GMT, Wed, 10 Jun 2020 01:32:24 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 22ms
22ms Image
image/gif 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=271235770295133&ev=PageView&dl=https%3A%2F%2Fredlock.io%2Fblog%2Finstance-metadata-api-a-modern-day-trojan-horse&rl=&if=false&ts=1591752744302&sw=1600&sh=1200&v=2.9.5&r=c2&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1591752744301.1032919090&it=1591752744126&coo=false&rqm=GET

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:24 GMT, Wed, 10 Jun 2020 01:32:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 10 Jun 2020 01:32:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 22ms
21ms Image
image/gif 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=439102006578016&ev=PageView&dl=https%3A%2F%2Fredlock.io%2Fblog%2Finstance-metadata-api-a-modern-day-trojan-horse&rl=&if=false&ts=1591752744413&sw=1600&sh=1200&v=2.9.5&r=c2&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1591752744301.1032919090&it=1591752744126&coo=false&rqm=GET

Requested by

Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 01:32:24 GMT, Wed, 10 Jun 2020 01:32:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 10 Jun 2020 01:32:24 GMT

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame B287 0
0 23ms
22ms Document
text/html 13.224.198.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1591752900000/4tkv88zdpmnh.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.198.92 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-92.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Thu, 04 Jun 2020 16:05:51 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 10 Jun 2020 01:32:20 GMT
etag: "6122d5a5b8b089e576e93e0e31168c41"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Q-OwB9I2xgkxj3fro7brV0aucq5TRhA33iwHZFRJg2ao1Y05vsjUCg==
age: 8

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 35 KB
12 KB 89ms
32ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: redlock.io
URL: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b5b4a374d6dfb06f111c288ba9042d5c4e1305b3da110bea8116f3090bce2e5

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ehJgGpzGzAbK8GzMvrCmhGB9QIvRjX3O
Content-Encoding: gzip
ETag: "493863a9069eb4663881ed7b590bc370"
x-amz-request-id: 4AD5F575B2B62C3A
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 11133
x-amz-id-2: sF3RLu84SpsB/WDmm1RAF+GFJLR5RZZPIcfcx15Yz5I7kLcH1lSTZSiYUdlTTGswCfStuE/qQ50=
Last-Modified: Tue, 02 Jun 2020 21:58:20 GMT
Server: AmazonS3
Date: Wed, 10 Jun 2020 01:32:24 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/UCJSLX6BO5CABL3QIU2FZV/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

25ms
25ms

Script
application/javascript

2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: MvaZYW7xXR9M9hUcWDgUVAWVyUlL21ST
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 2DBC0A47C6AE7942
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: pdXLSEu2gTihFxulaZoglus8ByA01JsL4yxgDFBqMepK6h0UFMTALvb5/DBrbdDPMFzbp0Bs7Fo=
Last-Modified: Fri, 05 Jun 2020 15:32:25 GMT
Server: AmazonS3
Date: Wed, 10 Jun 2020 01:32:24 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Wed, 10 Jun 2020 01:32:24 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/UCJSLX6BO5CABL3QIU2FZV/VK533C2CZFD4BN4G3NREX7/ 0
773 B 268ms
216ms Script
text/javascript 2.18.233.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/UCJSLX6BO5CABL3QIU2FZV/VK533C2CZFD4BN4G3NREX7/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wQKBdb8iF7.vks_a6NL0fz0aK7YnzGOS
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 4614F883D6A68F9D
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: kXARwgbdz5A8ZnvzWtsVn6esJgitYzBaLwt9NS6FjfZlhwkgYmw5fCrTygKgKLpDCLHTC2tKD+s=
Last-Modified: Tue, 09 Jun 2020 17:08:23 GMT
Server: AmazonS3
Date: Wed, 10 Jun 2020 01:32:24 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/UCJSLX6BO5CABL3QIU2FZV/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/UCJSLX6BO5CABL3QIU2FZV?_s=15566cd249c7c47113fc0fd581a10896&_b=2
https://d.adroll.com/consent/check/UCJSLX6BO5CABL3QIU2FZV/?_s=15566cd249c7c47113fc0fd581a10896&_b=2

130 B
222 B

104ms
34ms

Script
application/javascript

108.128.221.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/UCJSLX6BO5CABL3QIU2FZV/?_s=15566cd249c7c47113fc0fd581a10896&_b=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.221.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-221-150.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: a7e8b2df0fc0aeceff8db092734de1d6d24532e3fc19e64fe9d32b8494a4588a

Request headers

Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 10 Jun 2020 01:32:24 GMT
server: nginx/1.16.1
content-length: 130
content-type: application/javascript

Redirect headers

status: 302
date: Wed, 10 Jun 2020 01:32:24 GMT
server: nginx/1.16.1
content-length: 105
location: https://d.adroll.com/consent/check/UCJSLX6BO5CABL3QIU2FZV/?_s=15566cd249c7c47113fc0fd581a10896&_b=2

POST
H2 200 /
www.facebook.com/tr/ Frame 18BF 0
0 22ms
22ms Document
text/plain 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2724
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://redlock.io
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0GDxB2RmGYJfv6KMj..Be4Dgo...1.0.Be4Dgo.
Upgrade-Insecure-Requests: 1
Origin: https://redlock.io
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://redlock.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
alt-svc: h3-27=":443"; ma=3600
date: Wed, 10 Jun 2020 01:32:24 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame AE49 0
0 22ms
22ms Document
text/plain 2a03:2880:f158:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f158:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2724
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://redlock.io
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0GDxB2RmGYJfv6KMj..Be4Dgo...1.0.Be4Dgo.
Upgrade-Insecure-Requests: 1
Origin: https://redlock.io
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://redlock.io/blog/instance-metadata-api-a-modern-day-trojan-horse

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://redlock.io
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
alt-svc: h3-27=":443"; ma=3600
date: Wed, 10 Jun 2020 01:32:24 GMT

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redlock.io/	1970-01-19 12:18:48	Name: _fbp Value: fb.1.1591752744301.1032919090
.redlock.io/	1970-01-19 10:09:12	Name: _gat_UA-83198078-1 Value: 1
.redlock.io/	1970-01-20 03:40:24	Name: _ga Value: GA1.2.1927627854.1591752744
.redlock.io/	1970-01-19 10:10:39	Name: _gid Value: GA1.2.666319391.1591752744
.redlock.io/	1970-01-19 18:47:36	Name: bf_lead Value: 3opn32f6t2og0
.redlock.io/	1970-01-19 12:18:48	Name: _gcl_au Value: 1.1.313280663.1591752744
redlock.io/	1969-12-31 23:59:59	Name: lead_session Value: 1
redlock.io/	1969-12-31 23:59:59	Name: inbound_referral_site Value: Direct Traffic
redlock.io/	1969-12-31 23:59:59	Name: wp_lead_uid Value: S0Dgq2FPg79B3hLLcPpihoVnTVfv3dWeSTa
redlock.io/	1970-01-20 03:40:24	Name: driftt_aid Value: 06d399e3-2b8f-41db-881e-3546dcef5a97
.redlock.io/	1970-01-19 10:52:24	Name: __cfduid Value: df9ae9230d687ab956a3fb1a62c2ff5c31591752741

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://redlock.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://redlock.io/wp-content/plugins/cta/shared/assets/js/frontend/analytics/inboundAnalytics.min.js(Line 2) Message:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.brightfunnel.com
assets.adobedtm.com
code.jquery.com
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.driftt.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
maxcdn.bootstrapcdn.com
munchkin.brightfunnel.com
no-cache.hubspot.com
redlock.io
s.adroll.com
stats.g.doubleclick.net
vidassets.terminus.services
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
108.128.221.150
13.224.198.108
13.224.198.92
143.204.89.103
143.204.89.77
172.217.16.162
2.18.233.40
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2b
2606:4700:3034::681f:5957
2606:4700::6813:9b53
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:815::2004
2a00:1450:4001:817::2002
2a00:1450:4001:81a::200a
2a00:1450:4001:81d::2001
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9d
2a02:26f0:6c00:299::1e80
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f158:82:face:b00c:0:25de
54.171.23.184
09b74e5ec9c1c542b0457d16b0c315e9963ef5462f1b975c9048d20620bc6c47
0b5b4a374d6dfb06f111c288ba9042d5c4e1305b3da110bea8116f3090bce2e5
0b921c893d56c50550e3d9ff71011c403d3303bdc5f48a5f08882ba36afea08c
0c817c829e442100551f3674c6fb37cd80968fb800c13a4f39036ea2ac27b553
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
129025943b9ed3314aec779d15655a445c8affbfe815e7cb04bee24758421307
15a10e1fdd6d998f091d29aee484e9bec8079dd38c10c5ad0735c4208aadd84a
179ad8e63d76fa4b81b608c9f4a8b17d156b3ba119fb24675ee7fc613501c719
1da69bf26f1c8d59fbd1874c86dc8c2264413b3fb08b7204449a374531bc1340
210fb15b86efa3c12373290e819f5b108d0652670650719edc7890789e8059b3
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
21d6b4ff642f3cad95bc0969e3888449b6b347d151ea91a24a390987875c6162
2265e200507b1207ec22eb06405cfd80e433e6de7665ae9c7f9ef61c375a78cd
263900ff55e7e74d80aaef83287734b2afa168ca706637bb81b1e294c1dac9a4
2be738c6f3a9d02af2b420273fff5b5469007813acd7033cb757dc6759bc591d
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
30c84c7fac5ac9843a718f955e6a08d163cda1e3b801c0bf0cca958ba9582eea
3b00c6721410090fbe6246b33140fc7023a003729ab06420f43edab593c6254f
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
429e65c9b8c4f0c7a19f434a82889ee35620dfee31770a05e68dbf507b767603
433a811aa93bf4bbcb5cd81196b8f14f6a7d02260f5fc18681b9b77f9ce804ac
436fc6eed2d849bbe4dcbc0f69d992c62fc2f075a1e501ff853f8705f70dbb60
442048bb029ae037356e956aa00da2dd88c25de1e1ea4922e4d5abc8cf766406
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4966cb23ef6dfde265440bd81a088c92d6b0a47a5be6e096e005dc8ab4efc671
4cfa8c40a8b2d43c645389c548e525a22d4dde24f647e05e1cc4ccc55b5c71d2
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
50d147956af748a09545a0b147be588898c6d58f9bcab587421c1709cbac0620
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a5e571d3a50df66c905bb1190d368231e4d90626318d3171c6dd5d7cc861f5
54829f4236bde2066942badf3b63b1df4d4fc9f018dece2ea89ba90bf64dda6c
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56f1f2dcf117094462c923c3ba6c36fdabcb742e24ed513ab50ccad8e751132c
57585baf58ace44ae78a246dafbadd8aa8dfd4ddb7dbdf95f2d59a6c18ef5e22
5b6428a8080c4f81577a04328c9a855a1cc693cf7445ed495954f0f739f4d969
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e91ea289ee2b14e4cfbb4c0cc66aeeb467019e536caf42af05be419be0654e1
63d794e1c5840908bdd96cdf59fd829ad404f62945b3e4b880152e323c46b026
64c681daf67b888a4c50da03cc2445c41f16b4eaee17e7e4f75d64680cd0f259
717e1aa8cb34c2fca34fd9d7f1a7d2c5d2d768c2592f0f9ce2e762efa262a86f
72047497cfabe2a3502b9a53a9bf4e7ea9b4ca4ff8d3d950ee589a19b47d0d70
734bd95b9ae1e5e9150789595540af2ee0591c05680fdffab363c31a69662f92
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7460940d8db56c6b90cbe0e3ca071a53a78bcd54316d67a06b0bd77ff3bf9f05
77e9a2e0d753dde5f899f65771fb02611e59ad9881b64d5e2083ba6626bd5dc6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81b36a48c0269521621f450f477afa94365e1736aaaf33290760fea0fce341a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833eed666bac1362949bc30b581f0f112091a312dd56d5599f6be6135df7e49b
8a4c252da9c4b03a65ca99a734ef82408df893c1b6a5d5a49c4f87f774bc4f75
8c5363a662e4c8b5c62ae5d637e83c4fc657d12094470093507f9070c9fbdfb3
907e7a3f7167cb5e37eec13664f321339555423d3e66a2335070e8c474a69127
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
968d35d07c4e313cfe62a804ecdb3ccb12117fc6504cb6b0332c9fb928bca3dc
97f84e24c7c059750f0382953cd8aed268e67221bc4cd73f5160a847a431a383
9c4022c0bf5b3aba0471b68e3700bd43676ee5b0d8a11d6b5530a1ff9dcf6084
9e2f8fcffeb228a927d3bcce579a14732eb7b42a43e0d893929ce74e314ee015
9f3d351cf3a789321798c32b98a6344f213fab3204cb9c2891916c07f9b8a233
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a7e8b2df0fc0aeceff8db092734de1d6d24532e3fc19e64fe9d32b8494a4588a
aa371b695a477025f6fd48693baea5a6ed0ff4eb71c5a660d854e543b2370013
b1e6b0f2177e2f37b5b2c3d6a7e7430b8403ed85ed13ee6cba792e8123fc2d5a
b5e94fc0a41df809f83d3c3b2aeb8cb723b12231308be24ec32a2e399b8dd36c
b69890fb2918df2454518ad016962ed1fb45885ef1e35058fad81a30faac9586
bd1a82d0591f5898763018826300fcd4f4dc9923b3cbc60bab38d981ce0090d3
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1c2c405c0aa33e4f0ecd886454bb2bacd71d8deccbe21f3ca2de06c90a9d954
c1e8df27eefed0250a8e2785a341a5d35d838d8136f4ffde3168c57e9137aa2b
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
cc6dd9d5f729b0d3b299337496f4eea20afef813663775adc2ef1c92b427dbdb
cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cec333ed71ea0697b7b36c7aac0230744222101d8f8164a3578aa8359ce03f9a
cfbf578b449d1ed6a226933ee80c75198a9c52d736227cf0a64e6e8b058841e3
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d447eb81dc16840763055c0189191c32f22f8a4062a1d896e0d8375681126a88
d82847f6e5b3042692ef1fc7ae342d0db67d37ec05efe9e23eabbfec5fd5ae01
d8396c10620531a0d32f3a5fac26b5e537e43ed07084566f354cfb7dd70e4532
d97717da312832a82535b2a159f3047c810cc531160c1825778a522b0e90d0bc
dce9d64db6579fd4789c6eeb48aabd5a11284d6c07cb44567498e8daf1a7fe2a
ddfac8d3f564750c023e8127a8f970776977a6a8bc31ec773ae3a6ca9b6ed121
df888b9df9e006acae5359c2c62c81967576b266b37b9571924e813c6bdb13b3
dfe0ef57561c9647e339773cb689c294bdbabbcf53b26d3da97504a1a363bf9f
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c9e4a8e5518916b730e9fd83efe48ef42ced31b3f721bb94f966e8896af966
e71e9eb057dbce45fc842c86a300d5410f757f7e0aa9084cb849631528e031f0
e82ba9517671bde40da3d3e3f1ea0b572526247ec3f28f66e7c79f03bbf010bf
ea196471aaf01f69a0ba290a7c7fd76ede9364f790fa725080510645e204fdfa
eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa234ba8fea30f028f728b42ba027da0baff915759c21129893c18e74de9a43
f2a45d797b5274f5370f1e11258fed3d9326c88956b4f312f6432c600e64b86b
f3c85404e595e885749f871bd8476c8a410275e4612998f625f3e43bade62f1f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f725ea829b5f7ceb958f150947eba59435dd092672a13adbb024682014e9e9e7
f79754267a956211b4b46b3c3a20e73726865a8c1d012bb531fede7c7c31e3c8

redlock.io Open in urlscan Pro 2606:4700:3034::681f:5957 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

68 %IPv6

21 Domains

27 Subdomains

24 IPs

6 Countries

2733 kBTransfer

5010 kBSize

11 Cookies

12 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redlock.io Open in urlscan Pro
2606:4700:3034::681f:5957 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

68 %
IPv6

21
Domains

27
Subdomains

24
IPs

6
Countries

2733 kB
Transfer

5010 kB
Size

11
Cookies

109 HTTP transactions
0 data transactions